Merge pull request #734 from hvac/token_auth

Migrate Token Auth Methods to Dedicated Class
hvac · Jul 12, 2021 · 6820c9b · 6820c9b
2 parents 60efece + fdb4f9c
commit 6820c9b
Show file tree

Hide file tree

Showing 6 changed files with 779 additions and 30 deletions.
diff --git a/docs/usage/auth_methods/token.rst b/docs/usage/auth_methods/token.rst
@@ -17,43 +17,41 @@ Token creation and revocation:
 
 .. code:: python
 
-    token = client.create_token(policies=['root'], lease='1h')
+    token = client.auth.token.create(policies=['root'], lease='1h')
 
-    current_token = client.lookup_token()
-    some_other_token = client.lookup_token('xxx')
+    current_token = client.auth.token.lookup()
+    some_other_token = client.auth.token.lookup('xxx')
 
-    client.revoke_token('xxx')
-    client.revoke_token('yyy', orphan=True)
+    client.auth.token.revoke('xxx')
+    client.auth.token.revoke('yyy', orphan=True)
 
-    client.revoke_token_prefix('zzz')
-
-    client.renew_token('aaa')
+    client.auth.token.renew('aaa')
 
 
 Lookup and revoke tokens via a token accessor:
 
 .. code:: python
 
-    token = client.create_token(policies=['root'], lease='1h')
+    token = client.auth.token.create(policies=['root'], lease='1h')
     token_accessor = token['auth']['accessor']
 
-    same_token = client.lookup_token(token_accessor, accessor=True)
-    client.revoke_token(token_accessor, accessor=True)
+    same_token = client.auth.token.lookup(token_accessor, accessor=True)
+    client.auth.token.revoke(token_accessor, accessor=True)
 
 
 Wrapping/unwrapping a token:
 
 .. code:: python
 
-    wrap = client.create_token(policies=['root'], lease='1h', wrap_ttl='1m')
+    wrap = client.auth.token.create(policies=['root'], lease='1h', wrap_ttl='1m')
     result = self.client.unwrap(wrap['wrap_info']['token'])
 
 
 Login with a wrapped token:
 
 .. code:: python
 
-    wrap = client.create_token(policies=['root'], lease='1h', wrap_ttl='1m')
+    wrap = client.auth.token.create(policies=['root'], lease='1h', wrap_ttl='1m')
     new_client = hvac.Client()
     new_client.auth_cubbyhole(wrap['wrap_info']['token'])
     assert new_client.token != wrapped_token['wrap_info']['token']
diff --git a/hvac/api/auth_methods/__init__.py b/hvac/api/auth_methods/__init__.py
@@ -14,6 +14,7 @@
 from hvac.api.auth_methods.oidc import OIDC
 from hvac.api.auth_methods.okta import Okta
 from hvac.api.auth_methods.radius import Radius
+from hvac.api.auth_methods.token import Token
 from hvac.api.auth_methods.aws import Aws
 from hvac.api.auth_methods.cert import Cert
 from hvac.api.vault_api_category import VaultApiCategory
@@ -33,6 +34,7 @@
     "OIDC",
     "Okta",
     "Radius",
+    "Token",
     "Aws",
     "Cert",
 )
@@ -54,13 +56,13 @@ class AuthMethods(VaultApiCategory):
         OIDC,
         Okta,
         Radius,
+        Token,
         Aws,
         Cert,
     ]
     unimplemented_classes = [
         "AppId",
         "AliCloud",
-        "Token",
     ]
 
     def __call__(self, *args, **kwargs):